I needed to add some more file types for ack-grep to find / search when I’m looking for PHP code that resides in files with non-standard extensions (e.g. something.def, something.inc etc).
I found MySQL was being annoying earlier and not ‘accepting’ my max_connections = 450 directive on a Debian Wheezy install, and being seemingly stuck on having 214 connections….
I have an Intel NUC d54250wyk as my work computer (it’s a little dinky thing, which somehow manages to pack a reasonable punch).
On board it has a mini-hdmi port, and a mini-display port – which I used for a dual monitor configuration.
But two monitors is so last year …. and after 5+ years of having two monitors to stare at, I thought it was perhaps time to move up to 3 (or more).
Continue reading “More monitors.”
I’ve been using BTRFS for a few weeks now, and some bits are great (filesystem snapshots, dynamic resizing etc).
The “Good” and “Bad” things follow:
Continue reading “BTRFS gotchas… (balance / scrub / snapshots / quota)”
I needed a variant of Squid which supported transparent SSL interception (i.e via iptables redirection) so I could log outgoing HTTPS requests without the client being aware.
The stock wheezy variant doesn’t support SSL (see : Debian Bug Report).
Even after recompiling Wheezy’s squid3 it didn’t seem to work (perhaps my stupidity) so I ended up moving to the latest-and-greatest squid (3.4.9 at the time of writing) and getting that to work. Brief notes follow.
One server I poke around on, has a number of postfix instances
Interestingly, one instance was logging things like :
Oct 26 22:02:05 mail postfix-blah/smtpd: connect from unknown[18.104.22.168] Oct 26 22:02:05 mail postfix-blah/smtpd: CA9292EE2C0: client=unknown[22.214.171.124]
Some random useful things for Ansible users:
Need to set a HTTP proxy within a Debian system ?
Assuming your proxy server is on 192.168.0.1 and listening on port 3128, then the below may help …
( If you need authentication you can use username:password@ like you would in an old style web browser – e.g. http://username:firstname.lastname@example.org:3128. )
/etc/wgetrc and add
http_proxy = http://192.168.0.1:3128
(some system commands rely on wget, and may not otherwise use an environment variable, e.g. debootstrap; the http_proxy setting should be present by default but commented out).
(This is all, in a round about way, relayed to the http proxy security vulnerability announced in July 2016 – see httpoxy.org for more info)
It’s an Intel i5 4250U processor (dual core, laptop processor). Supports up to 16gb of RAM and the Intel 5000 graphics thing in it.
The box itself is really small – and silent. A laptop size hard disk can fit into it (2.5″ hdd).
- BIOS needs updating before it can be installed (apparently); See Intel’s website – currently here – it’s just a case of downloading the .BIO file and sticking it on a USB stick and pressing F7 on boot and following through the prompts.
- Most Linux distros do not yet support the network card (Intel 559/I218-V) – I had to netboot a Debian unstable netboot iso image (from here )
Good things –
- BTRFS root filesystem + booting etc just worked with Jessie.
- X configuration just works – even though it’s quite a new graphics chipset.
- Boot time is VERY fast – currently <5 seconds.
We recently bought two Dell SC1435 servers off eBay. They seemed cheap and quite well specced (dual 4 core CPUs, plenty of RAM for us) – perhaps ideal for redundant mail servers.
Anyway, they’re IPMI 2.0 compliant – meaning they should be controllable remotely (e.g serial console, forceful power cycling etc without the need for some sort of graphical KVM console or DRAC card.).
(A few years later, I bought a Dell t300 from Ebay; the below works for it too)
Here are some notes on setting up/configuring IPMI support and how it can be used – :